Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: service

3 attack reports | 0 vulnerabilities

Attack reports

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA

A zero-day vulnerability exploited by an advanced adversary to gain access to a victim’s network, according to research by FortiGuard Labs and the Centre for Strategic Intelligence (CISA).

rootkit
powershell
lockbit
attack
service
malicious
web shell
2024-10-15
threat actor
zero-day vulnerability
csa appliance
cve20248190
zero
life
Published: October 15, 2024

Downloadable IOCs 17

Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion

In March 2024, researchers at the Trellix Advanced Research Center uncovered a sophisticated and evasive attack campaign targeting users in Latin America and Asia Pacific through trojanized copies of the Cisco Webex Meetings App. This campaign employed a stealthy malware loader, known as HijackLoad…

service
2024-06-20
autoit3
module
cisco webex
vt sustained
vt powershell
systems
meetings app
vt executed
pe payload
Published: June 20, 2024

Downloadable IOCs 36

Ongoing Malvertising Campaign leads to Ransomware

Rapid7 detected an ongoing malware distribution campaign involving trojanized installers of WinSCP and PuTTY, delivered via malicious search engine ads. The infection chain employs DLL side-loading, credential access, and deploys Sliver beacons followed by Cobalt Strike. In one case, the threat act…

malware
ransomware
python
cobalt strike
2024-05-15
2024-05-10
msi package
winscp
sliver
putty
service
execution
localappdata
dropped
c2 address
sliver beacon
dnstwist
Published: May 15, 2024

Downloadable IOCs 78

» Click here to see all Attack Reports «